<?php
    session_start();
    ini_set('display_errors','0');
    header('Content-type:text/html;charset=utf-8');
//var_dump($_POST);
    $userName=$_POST['userName'];
    $passwd=md5($_POST['passwd']);
    $zhuangtai=$_POST['zhuangtai'];
    $ctime=time();
   
   

   
   
    //连接数据库进行用户名，密码验证；
    include('../install/dbconfig.php');
    mysql_connect(DB_HOST,DB_USER,DB_PASSWD);
    mysql_select_db(DB_NAME);
    mysql_set_charset(DB_CHARSET);
    
    if(!empty($userName)&&!empty($passwd)){
        $SQL1="select * from user where userName='{$userName}' and passwd='{$passwd}'";
        $result1=mysql_query($SQL1);
        //echo $SQL1;
        
        //判断用户、密码是否正确；
      if(mysql_num_rows($result1)>0){
            $row=mysql_fetch_assoc($result1);
            //var_dump($row);
            $SQL2="select * from userDetail where id='{$row['id']}'";
            $res=mysql_query($SQL2);
            if(mysql_num_rows($res)>0){
                $rows=mysql_fetch_assoc($res);
                        //记录登录时间比较，加积分；
                $oldtime=$rows['ctime'];
                
                    if(date('d',$ctime)!=date('d',$oldtime)){
                        $score=$rows['score']+3;
                        //在写入积分和时间
                        $SQLJ="update userDetail set ctime='{$ctime}',score='{$score}' where id='{$row['id']}'";
                        mysql_query($SQLJ);
                        $SQL3="select * from userDetail where id='{$row['id']}'";
                        $res3=mysql_query($SQL3);
                        $row3=mysql_fetch_assoc($res3);
                        
                        $_SESSION['user'] = $row;
                        $_SESSION['userDetail']=$row3;
                        $_SESSION['flag'] = md5($_SESSION['user']['userName']);
                         //var_dump($_SESSION);
                        echo '<script>alert("登录成功！");window.location.href="./index.php"</script>';
                            exit;

                    }else{
                        $SQLJ="update userDetail set ctime='{$ctime}' where id='{$row['id']}'";
                        mysql_query($SQLJ);
                        $SQL3="select * from userDetail where id='{$row['id']}'";
                        $res3=mysql_query($SQL3);
                        $row3=mysql_fetch_assoc($res3);
                        
                        $_SESSION['user'] = $row;
                        $_SESSION['userDetail']=$row3;
                        $_SESSION['flag'] = md5($_SESSION['user']['userName']);
                        echo '<script>alert("登录成功！");window.location.href="./index.php"</script>';
                            exit;
                    }
                    
          }
        }else{
            echo '<script>alert("请检查用户名和密码！");window.location.href="login.php"</script>';
            	exit;
        }
        
     }else{
        echo '<script>alert("用户名、密码不能为空！");window.location.href="login.php"</script>';
	exit;
    }
    

    
  
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
/*    
    
    //连接数据库进行用户名，密码验证；
    mysql_connect('localhost','root','liuyan');
    mysql_select_db('project');
    mysql_set_charset('utf8');
    $SQL1="select id,userName from user where userName='{$userName}'";
    $result1=mysql_query($SQL1);
    //判断用户名是否正确；
    if(mysql_num_rows($result1)>0){
        $SQL2="select id from user where passwd='{$passwd}'";
        $result2=mysql_query($SQL2);
        //判断密码是否正确
        if(mysql_num_rows($result2)>0){
            if(!empty($question) && !empty($answer)){
                $SQL3="select id,name,email from userDetail where question='{$question}' and answer='{$answer}'";
                $result3=mysql_query($SQL3);
            
                //判断安全问题是否正确
            if(mysql_num_rows($result3)>0){
               
                $arra = mysql_fetch_assoc($result3);
                    var_dump($arra);
               //  $_SESSION['userDetail']
               // $_SESSION['flag'] = md5($_SESSION['userDetail']['email']);
                
                //$_SESSION['flag'] ='abcde';
                die();
                // echo '<script>alert("登录成功！");window.location.href="./index.php"</script>';
            /*}else{
                 echo '<script>alert("您的安全问题错误！");window.location.href="login.php"</script>';
	exit;
            }
            }else{
                 echo '<script>alert("登录成功！");window.location.href="./index.php"</script>';
            }
        }else{
             echo '<script>alert("输入密码不正确！");window.location.href="login.php"</script>';
	exit;
        }

    }else{
        echo '<script>alert("您的用户名不存在！");window.location.href="login.php"</script>';
	exit;
    }

             */
?>
